ISO/IEC 27001:2022
In this change log, you can learn about the latest changes, improvements, and updates for the Service Organization Control (ISO/IEC 27001:2022) profile. The change log lists changes that were made, ordered by the version number.
The ISO/IEC 27001:2022 - International Organization for Standardization (ISO) and International Electrotechnical Commission (IEC) standard provides guidance for developing an Information Security Management System (ISMS). ISMS is a risk-based system through which an organization can design, implement, maintain and continually improve its information security.
Profile versioning
When specifications or controls are edited, removed from, or added to a profile in a way that is not compatible with the current version, a new version is released. To take advantage of the changes in a new version, update your attachments to use the newest profile version.
This profile is consistently updated and is not an exhaustive list of all the controls that might be required for every organization. Be sure to validate the available controls to determine where you might need to supplement your workloads with other security measures.
Version summary
The following table details the release dates and status of each profile version.
New attachments cannot be created on deprecated profile versions. Select the most recent version to use for your evaluation.
| Version number | Release date | Status |
|---|---|---|
| Version 1.0.0 | 2024-08-27 |
Active |
Version 1.0.0
- Now available
- As of 27 August 2024, the ISO/IEC 27001:2022 profile is a collection of controls that is designed to validate the configuration of your resources.